A massive data breach has exposed the login credentials of over 184 million users across multiple online platforms, with Netflix accounts representing the largest segment of compromised streaming service data. Security researcher Jeremiah Fowler revealed the unencrypted database in early May 2025, containing over 47 gigabytes of sensitive information stored on an unprotected server without password locks or encryption.
The breach affected more than 5 million Netflix accounts within a collection of 7 million compromised streaming service records. Additional platforms included Disney+, Amazon Prime Video, Apple TV+, and Max, alongside global services such as Google, PayPal, Facebook, and Microsoft. The compromised data spans at least 29 countries and includes government and corporate email addresses, greatly expanding potential security risks. Zero-day exploits contributed significantly to the magnitude of compromised accounts across platforms.
The massive breach compromised 5 million Netflix accounts across 29 countries, including sensitive government and corporate credentials.
Cybercriminals gathered these credentials through widespread infostealer malware campaigns rather than direct platform breaches. The malicious software was distributed via unofficial browser extensions, applications, and third-party downloads, silently extracting login credentials, cookies, and credit card information from infected devices. These stolen credentials are then sold or traded on cybercriminal forums, creating opportunities for secondary attacks. Digital footprint analysts emphasize the importance of securing devices and maintaining vigilance against suspicious downloads and links.
Fowler verified the database’s authenticity by contacting affected users and confirming valid account information. The exposed data included active login credentials for numerous popular services and links to authorization pages, increasing risks of follow-up phishing attacks. Public access to the database was blocked after notification to the hosting company, though the exact duration of exposure remains unknown.
This incident follows a smaller breach in early 2024 involving 70 million records, indicating ongoing cybercriminal activity targeting user credentials. The current leak places affected individuals at heightened risk of identity theft, unauthorized account access, and subscription fraud. Government and corporate account compromises amplify threats to organizational security.
Cybersecurity experts stress immediate password changes for all potentially affected accounts, particularly Netflix and other streaming services. Users should implement two-factor authentication, monitor account activity regularly, and avoid password reuse across platforms. Security professionals recommend utilizing password managers to maintain unique credentials across different services and strengthen overall account protection.
The breach’s scale highlights the critical importance of strong cybersecurity practices and the persistent threat posed by credential theft campaigns targeting millions of users worldwide.
